SSA-357982 — Vulnetix

SSA-357982 PUBLISHED CVSS 9.100000381469727 CRITICAL

ROS# contains a ROS service file_server, that before version 2.2.2 contains a path traversal vulnerability which could allow an attacker to access, i.e. read and write, arbitrary files, which are accessible with the user rights of the user that runs the service, on the system that hosts service. Siemens has released a new version for ROS# and recommends to update to the latest version.

Risk Scores

CVSS v3.1

9.100000381469727

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products

Vendor	Product	Versions
	ROS#

Timeline

May 12, 2026 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-357982.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-357982.json advisory
https://github.com/siemens/ros-sharp/releases/tag/2.2.2 fix

Open in Interactive Console →